Re: Firewall test software?

Tue, 19 Mar 2002 17:34:05 -0800 


hi ya

port scanning is NOT a firewall test???
- it doesnt matter that it says port 25 is open for the mail server
- it doesnt matter that it says port 80 is open for the web server

what you are really interested in is...
        - is apache the latest/greatest ... ( no known exploits )
        - is sendmail the latest/greatest ... ( no known exploits )

if you left all the ports open on your firewall ...
        - you dont need a port scanner to tell you its open
        ( there's more issues...

if you wanna test that your firewall is working properly ...
        - hook up a random laptop ... if that laptop can
        sniff your sensitive data... your firewall failed...

if the outside customers cannot send and receive emails from
your employee from inside the company ... your firewall failed...

if the outside custoemrs can see your internal network topology...
you should change your firewall rules

... gazillion firewall tests ...

if you unplug the firewall ... 
        - can people still work ???? .. if not its not working "right"

if the hackers gets into your firewall...
        - what can they sniff ...

firewall testing
----------------
        --
        -- apply all the rootkits from the outside...
        --
        http://www.itsecurity.com/papers/p5.htm
        http://www.rootprompt.org/article.php3?article=323
        http://www.linuxdoc.org/HOWTO/mini/Firewall-Piercing/
        http://www.linuxdoc.org/HOWTO/mini/Term-Firewall/

have fun linuxing
alvin


On Tue, 19 Mar 2002, Thorsten Henninger wrote:

> Hi,
> I like this online fireall scan:
> 
> http://scan.sygatetech.com/
> 
> Then do a "Quick Scan"
> and they show you, if any insecure ports are open and so on ....
> There are a lot more "Online Firewall Tests" available,
> I do not really know if they are good, but at least they show you
> any major leaks!
> 
> regards,
> 
> Thorsten
> 
> 
> Jiunn-Jye Chen wrote:
> 
> >Hi
> >  I have set up one pix firewall. How can I know that the policies I
> >have set work properly? Is there any sofeware that can test a firewall's
> >policies working correctely and produce some reference data?
> >Thanks
> > Eric Chen
> >
> >
> >_______________________________________________
> >Firewalls mailing list
> >[EMAIL PROTECTED]
> >http://lists.gnac.net/mailman/listinfo/firewalls
> >
> 
> 
> 
> _______________________________________________
> Firewalls mailing list
> [EMAIL PROTECTED]
> http://lists.gnac.net/mailman/listinfo/firewalls
> 

_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls

Reply via email to